I would think that VoIP over VPN is a bad idea as UDP packets need to be in realtime not corrected by the TCP of the VPN.
Garth van Sittert Technical Director BitCo 08600 24826 www.bitco.co.za Aurimas Skirgaila wrote: > Despite the VPN overhead, running VOIP through VPN is good idea > because VPN reorders encapsulated UDP packets in correct order. > Security matters as well. > > I'd suggest to route VNC packets rather over internet than VPN (so do > I), as VPN usually has the highest priority. > > On Thu, May 7, 2009 at 11:33 PM, Roberto Piola > <roberto.pi...@visiant.it <mailto:roberto.pi...@visiant.it>> wrote: > > I do not have examples, but if you are using the 1700 series > router in order to originate the ipsec vpn, you may use command > qos pre-classify (please search for it on cco.cisco.com > <http://cco.cisco.com>) > > > On Thu, May 7, 2009 at 9:54 PM, Brent Davidson > <br...@texascountrytitle.com <mailto:br...@texascountrytitle.com>> > wrote: > > I've got multiple satellite office all linked back to the main > office > via VPN. Each office has their own asterisk server which > registers back > to the main office's Asterisk server. Each office also has a 1Mb > downstream / 384k - 768k upstream connection. The branches > are using > Speex for their connections back to the main office. The > issue I'm > having is that there are times that I need to VNC in to > machines at the > various offices for tech support while the user is also on the > phone. > Unfortunately the VNC connection apparently takes priority and > makes it > impossible for me to understand anything the person on the > phone is > saying, although they can still hear me fine. > > Our Main office uses a Cisco PIX 506 for the main firewall and VPN > concentrator. Each branch office used a Cisco 1700 series > router with > IPSec enabled in the IOS. Is there any sort of QoS I can turn > on on the > main router or the branch routers to make sure the voice > quality takes > precedence over the VNC? (Any example configs would be > greatly appreciated) > > Would I be better off routing the voice packets over the > internet rather > than the VPN, and could I safely do that without exposing the > asterisk > boxes to unnecessary security risks? (At present all of our > asterisk > boxes are behind the firewalls and only talk to each other > over the > VPN. All PSTN connection is done through TDM boards so they > have no > direct exposure to the internet.) > > > _______________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > > > > > -- > Mvh, > Aurimas Skirgaila > ------------------------------------------------------------------------ > > _______________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users _______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users